Hello, We have fixed this issue, you can test our nightly builds to verify the fix. To test the nightly build, follow the instructions given here https://www.postgresql.org/ftp/pgadmin/pgadmin4/snapshots/2024-06-12/apt/ .
Thanks, Khushboo On Mon, Jun 10, 2024 at 3:18 PM Qasim Tahir <qasimtahir....@gmail.com> wrote: > Hi Everyone, > > Any update regarding the issue. > > Thanks > Qasim > > On Mon, Jun 3, 2024 at 10:46 AM Khushboo Vashi < > khushboo.va...@enterprisedb.com> wrote: > >> >> >> On Sat, Jun 1, 2024 at 8:34 PM Dave Page <dp...@pgadmin.org> wrote: >> >>> Akshay, could you or one of the team look into this please? >>> >> I am looking into this issue >> >>> >>> Thanks. >>> >>> On Fri, 31 May 2024 at 23:27, Qasim Tahir <qasimtahir....@gmail.com> >>> wrote: >>> >>>> Hi, >>>> Platform and package details are below >>>> >>>> Platform: *Rocky 8.9* >>>> *pgadmin *version*: 8.7* >>>> >>>> Regards >>>> Qasim >>>> >>>> On Sat, Jun 1, 2024 at 3:09 AM Dave Page <dp...@pgadmin.org> wrote: >>>> >>>>> Hi >>>>> >>>>> On Thu, 30 May 2024 at 23:17, Qasim Tahir <qasimtahir....@gmail.com> >>>>> wrote: >>>>> >>>>>> Dear PgAdmin Community, >>>>>> >>>>>> I am writing to report a potential security issue with the >>>>>> permissions set in the PgAdmin installation directory. >>>>>> >>>>>> After installing PgAdmin, I observed that several directories, >>>>>> including 'bin', 'venv', and 'web', have 775 permissions. Here are the >>>>>> details of the directory permissions: >>>>>> [image: image.png] >>>>>> >>>>>> Given the broad access provided by 775 permissions, there is a >>>>>> concern about the potential for unauthorized access or modifications. >>>>>> >>>>>> >>>>>> I would like to ask if these permissions are necessary for PgAdmin's >>>>>> operation or if they could be tightened to enhance security. >>>>>> >>>>>> Your guidance on this matter would be greatly appreciated. >>>>>> >>>>>> Thank you for your attention to this issue. >>>>>> >>>>> >>>>> What platform and package is this exactly? >>>>> >>>>> -- >>>>> Dave Page >>>>> pgAdmin: https://www.pgadmin.org >>>>> PostgreSQL: https://www.postgresql.org >>>>> EDB: https://www.enterprisedb.com >>>>> >>>>> >>> >>> -- >>> Dave Page >>> pgAdmin: https://www.pgadmin.org >>> PostgreSQL: https://www.postgresql.org >>> EDB: https://www.enterprisedb.com >>> >>>
